1 In the claims: 

2 1. An apparatus that provides secure access to resources in an distributed computer 

3 network, the computer network coupled to one or more processors that execute jobs posted in the 

4 computer network, comprising: 

5 ajob ticket service that is capable of storing ajob ticket, wherein the job ticket provides 

6 areference to ajob to be executed in the computer network and wherein the job includes one or 

7 more resources, and wherein a processor accesses the job ticket in order to execute the job; 

8 an authentication mechanism, wherein the authentication mechanism is capable of verifying 

9 an identity of a processor attempting to access the job ticket; and 

10 an authorization mechanism that is capable of receiving the identity from the authentication 

1 1 mechanism and capable of providing authority for the processor to access the job ticket, wherein 

12 when the processor accesses the job ticket, the processor accesses the one or more resources. 

13 2. The apparatus of claim 1 , wherein the job ticket comprises a processor 

1 4 authorization list that indicates processors authorized to access the j ob ticket, and wherein the 

1 5 authorization mechanism compares an identification of the processor to the processor authorization 

16 list to determine if the processor is authorized access to the job ticket. 

17 3. The apparatus of claim 1, wherein the authentication mechanism comprises an 

1 8 authentication server coupled to the job ticket service. 

19 4, The apparatus of claim 1, wherein the authorization mechanism comprises an 

20 authorization server coupled to the job ticket service. 

21 5. The apparatus of claim 1, wherein the authentication mechanism comprises an 

22 authentication program and the authorization mechanism comprises an authorization program, and 

23 wherein the authentication program and the authorization programs are installed in the j ob ticket. 

24 6. The apparatus of claim 1, wherein the authorization mechanism comprises a 

25 password mechanism, wherein the processor provides a password to the authorization mechanism. 

26 7. The apparatus of claim 1, wherein the authorization mechanism comprises a public 

27 key /private key infrastructure. 

28 8. The apparatus of claim 1, wherein the job ticket comprises a signature segment, 

29 wherein the job ticket is signed with a message digest signature. 

30 9. The apparatus of claim 1, wherein the job ticket comprises one or more branches, 
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1 wherein the processor accesses one of the one or more branches, and wherein the authorization 

2 mechanism controls access to the branch. 

3 10. A method for providing secure access to resources in an distributed computer 

4 network, the computer network coupled to one or more processors that execute jobs posted in the 

5 computer network, comprising: 

6 storing a job ticket that defines a job to be executed by a processor, wherein the job 

7 includes one or more resources; 

8 receiving an access request from the processor; 

9 authenticating an identity of the processor; and 

10 authorizing an access by the processor based on the authenticated identity. 

11 11. The method of claim 1 0, wherein the authenticating step, comprises: 

12 receiving a password from the processor; and 

1 3 verifying the password. 

14 12. The method of claim 10, wherein the authorizing step comprises comparing the 

15 authenticated identity of the processor to a list of authorized processors. 

16 13. The method of claim 1 2, further comprising storing the list of authorized processors 

1 7 with the j ob ticket. 

18 14. The method of claim 1 0, wherein the job ticket service comprises programming to 

19 perform the authentication step and the authorizing step. 

20 15. The method of claim 10, wherein a job ticket service center coupled to the 

2 1 computer network performs the authentication and the authorizing steps. 

22 16. The method of claim 10, further comprising; 

23 providing the job ticket with a signature segment; and 

24 signing the job ticket with a message digest signature. 

25 17. The method of claim 10, further comprising: 

26 defining the job with a plurality of branches; 

27 providing information on the job ticket for each of the plurality of branches; and 

28 controlling access by the processor to one or more of the plurality of branches. 

29 18. A job ticket that provides secure access to resources in a networked environment, 

30 comprising: 
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1 a job ticket framework that includes information related to tasks to be performed under 

2 control of the j ob ticket, wherein the framework comprises a node-tree structure comprising a 

3 plurality of nodes, and wherein each node of the plurality of nodes includes a list of one or more 

4 processors authorized access to the node; and 

5 a signature section that provides an authentication and authorization control module for the 

6 j ob ticket, wherein a processor accessing a node provides an identification to the control module, 

7 the control module comparing the identification to the list of one or more processors for the node. 

8 19. The job ticket of claim 1 8, wherein the job ticket is stored in a job ticket service, 

9 the job ticket service comprising a location in the environment, 

10 20. The job ticket of claim 19, wherein the environment is the Internet^ and wherein the 

1 1 location is a web site. 

12 21 . A program storage device readable by a computer, tangibly embodying a program 

13 of instructions executable by the computer to perform method steps to control access to jobs 

14 posted in a computer network, the method steps, comprising: 

1 5 storing a job ticket that defines a job to be executed by a processor, wherein the job 

1 6 includes one or more resources; 

17 receiving an access request from the processor; 

1 8 authenticating an identity of the processor; and 

1 9 authorizing an access by the processor based on the authenticated identity. 

20 22. The program storage device of claim 21, wherein the method steps further comprise: 

21 receiving a password from the processor; 

22 verifying the password; 

23 comparing the authenticated identity of the processor to a list of authorized processors; and 

24 storing the list of authorized processors with the job ticket. 



HP: 10005660-1 



32 



